Some guy recently posted a strangely self-defeating link/troll/flame in an attempt to (I think) argue with Alex and/or myself regarding the relevance or lack thereof of ISACA’s CRISC certification. Now given that I think he might have been doing it to drive traffic to his CRISC training site, I won’t show him any link love […]
In comments to my “Why I Don’t Like CRISC” article, Oliver writes: CobIT allows to segregate what is called IT in analysable parts. Different Risk models apply to those parts. e.g. Information Security, Architecture, Project management. In certain areas the risk models are more mature (Infosec / Project Management) and in certain they are not […]
PREFACE: You might interpret this blog post as being negative about risk management here, dear readers. Don’t. This isn’t a diatrabe against IRM, only why “certification” around information risk is a really, really silly idea. Apparently, my blog about why I don’t like the idea of CRISC has long-term stickiness. Just today, Philip writes in […]